ELSA-2024-4278

Опубликовано: 02 июл. 2024

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2024-4278: qemu-kvm security update (IMPORTANT)

[8.2.0-11.el9_4.4]

Fixing CVE-2024-4467
Resolves: RHEL-35610

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

qemu-guest-agent

8.2.0-11.el9_4.4

qemu-img

8.2.0-11.el9_4.4

qemu-kvm

8.2.0-11.el9_4.4

qemu-kvm-audio-pa

8.2.0-11.el9_4.4

qemu-kvm-block-blkio

8.2.0-11.el9_4.4

qemu-kvm-block-curl

8.2.0-11.el9_4.4

qemu-kvm-block-rbd

8.2.0-11.el9_4.4

qemu-kvm-common

8.2.0-11.el9_4.4

qemu-kvm-core

8.2.0-11.el9_4.4

qemu-kvm-device-display-virtio-gpu

8.2.0-11.el9_4.4

qemu-kvm-device-display-virtio-gpu-pci

8.2.0-11.el9_4.4

qemu-kvm-device-usb-host

8.2.0-11.el9_4.4

qemu-kvm-device-usb-redirect

8.2.0-11.el9_4.4

qemu-kvm-docs

8.2.0-11.el9_4.4

qemu-kvm-tools

8.2.0-11.el9_4.4

qemu-pr-helper

8.2.0-11.el9_4.4

Oracle Linux x86_64

qemu-guest-agent

8.2.0-11.el9_4.4

qemu-img

8.2.0-11.el9_4.4

qemu-kvm

8.2.0-11.el9_4.4

qemu-kvm-audio-pa

8.2.0-11.el9_4.4

qemu-kvm-block-blkio

8.2.0-11.el9_4.4

qemu-kvm-block-curl

8.2.0-11.el9_4.4

qemu-kvm-block-rbd

8.2.0-11.el9_4.4

qemu-kvm-common

8.2.0-11.el9_4.4

qemu-kvm-core

8.2.0-11.el9_4.4

qemu-kvm-device-display-virtio-gpu

8.2.0-11.el9_4.4

qemu-kvm-device-display-virtio-gpu-pci

8.2.0-11.el9_4.4

qemu-kvm-device-display-virtio-vga

8.2.0-11.el9_4.4

qemu-kvm-device-usb-host

8.2.0-11.el9_4.4

qemu-kvm-device-usb-redirect

8.2.0-11.el9_4.4

qemu-kvm-docs

8.2.0-11.el9_4.4

qemu-kvm-tools

8.2.0-11.el9_4.4

qemu-kvm-ui-egl-headless

8.2.0-11.el9_4.4

qemu-kvm-ui-opengl

8.2.0-11.el9_4.4

qemu-pr-helper

8.2.0-11.el9_4.4

Связанные CVE

CVE-2024-4467

Ссылки на источники

Связанные уязвимости

CVE-2024-4467

CVSS3: 7.8

ubuntu

12 месяцев назад

A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.